[jira] [Updated] (FELIX-6168) Enable WebConsole login only after specified Security Providers are present
[ https://issues.apache.org/jira/browse/FELIX-6168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Bosschaert updated FELIX-6168: Attachment: FELIX-6168.patch > Enable WebConsole login only after specified Security Providers are present > --- > > Key: FELIX-6168 > URL: https://issues.apache.org/jira/browse/FELIX-6168 > Project: Felix > Issue Type: Bug > Components: Web Console >Affects Versions: webconsole-4.3.12 >Reporter: David Bosschaert >Assignee: David Bosschaert >Priority: Major > Fix For: webconsole-4.3.14 > > Attachments: FELIX-6168.patch > > > It should be possible to configure the WebConsole to only accept logins after > specified Security Providers are found. > If these security providers are not yet registered in the Service Registry, > logging in should be disabled. The local plain username/password approach > should not provide the opportunity to log in, in that case. > The configuration to enable this should be provided as a framework property. > This approach is similar to what has been implemented for ConfigAdmin in > FELIX-6059 -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Updated] (FELIX-6168) Enable WebConsole login only after specified Security Providers are present
[ https://issues.apache.org/jira/browse/FELIX-6168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated FELIX-6168: Fix Version/s: webconsole-4.3.14 > Enable WebConsole login only after specified Security Providers are present > --- > > Key: FELIX-6168 > URL: https://issues.apache.org/jira/browse/FELIX-6168 > Project: Felix > Issue Type: Bug > Components: Web Console >Affects Versions: webconsole-4.3.12 >Reporter: David Bosschaert >Assignee: David Bosschaert >Priority: Major > Fix For: webconsole-4.3.14 > > > It should be possible to configure the WebConsole to only accept logins after > specified Security Providers are found. > If these security providers are not yet registered in the Service Registry, > logging in should be disabled. The local plain username/password approach > should not provide the opportunity to log in, in that case. > The configuration to enable this should be provided as a framework property. > This approach is similar to what has been implemented for ConfigAdmin in > FELIX-6059 -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Updated] (FELIX-6168) Enable WebConsole login only after specified Security Providers are present
[ https://issues.apache.org/jira/browse/FELIX-6168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Bosschaert updated FELIX-6168: Description: It should be possible to configure the WebConsole to only accept logins after specified Security Providers are found. If these security providers are not yet registered in the Service Registry, logging in should be disabled. The local plain username/password approach should not provide the opportunity to log in, in that case. The configuration to enable this should be provided as a framework property. This approach is similar to what has been implemented for ConfigAdmin in FELIX-6059 was: It should be possible to disable plain username/password access to the WebConsole. When disabled, a simple user name and password (such as the default admin/admin) does not work any more. The WebConsole Security Provider should be the only enabled mechanism to log in. Disabling should happen through configuration or a framework property. > Enable WebConsole login only after specified Security Providers are present > --- > > Key: FELIX-6168 > URL: https://issues.apache.org/jira/browse/FELIX-6168 > Project: Felix > Issue Type: Bug > Components: Web Console >Affects Versions: webconsole-4.3.12 >Reporter: David Bosschaert >Assignee: David Bosschaert >Priority: Major > > It should be possible to configure the WebConsole to only accept logins after > specified Security Providers are found. > If these security providers are not yet registered in the Service Registry, > logging in should be disabled. The local plain username/password approach > should not provide the opportunity to log in, in that case. > The configuration to enable this should be provided as a framework property. > This approach is similar to what has been implemented for ConfigAdmin in > FELIX-6059 -- This message was sent by Atlassian JIRA (v7.6.14#76016)
[jira] [Updated] (FELIX-6168) Enable WebConsole login only after specified Security Providers are present
[ https://issues.apache.org/jira/browse/FELIX-6168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Bosschaert updated FELIX-6168: Summary: Enable WebConsole login only after specified Security Providers are present (was: Disable username/password access to WebConsole) > Enable WebConsole login only after specified Security Providers are present > --- > > Key: FELIX-6168 > URL: https://issues.apache.org/jira/browse/FELIX-6168 > Project: Felix > Issue Type: Bug > Components: Web Console >Affects Versions: webconsole-4.3.12 >Reporter: David Bosschaert >Assignee: David Bosschaert >Priority: Major > > It should be possible to disable plain username/password access to the > WebConsole. > When disabled, a simple user name and password (such as the default > admin/admin) does not work any more. > The WebConsole Security Provider should be the only enabled mechanism to log > in. > Disabling should happen through configuration or a framework property. -- This message was sent by Atlassian JIRA (v7.6.14#76016)
